Hi all,
I am an IT manager for a large municipal department with 1200 employees, many enjoying the use of FrontMotion FireFox. Our corporate IT has told us recently they are uninstalling FrontMotion (in favor of Chrome Enterprise; along with the standard IE). The reason: "because FireFox is open source and so it isn't' really supported like the other browsers."
I think that's hogwash--as demonstrated by this forum--but I need a bit more fact to push back with. For example a release schedule for patches, and any other info you can provide me to demonstrate that FrontMotion is just as "supported" as any other browser.

It's definitely a BS reason. Firefox has a huge installed base and has more extensions/plugins than IE. The Extended Service Release of Firefox is very well supported. I would actually more concerned with what information Google is collecting with their browser in a corporate environment.

I'm an IT Director at a medium sized transportation company and we've been happily using Fronmotion Firefox for years, especially since it ties in so well with group policies.

I guess it's nice that they are at least giving users a browser option. But why not support all 3 browsers: IE, Firefox and Chrome?

Firefox does not support Windows Certificate Store, so company ssl certificates are a problem. There is no easy way, certificates need to be installed into each users' local profile database. For Intranet and other internal webbased applications that you secure with ssl certificates (https), Firefox reports a problem... With IE and Chrome you can manage certificates centrally and easily by GPOs. Biggest disadvantage here.

If there is a new security problem, new Firefox versions come out fast, but you never know how long it takes until the FrontMotion Firefox will get the update - for businesses this is a factor. With Chrome you get official updates really fast and you can deploy them, with FrontMotion Firefox you need to wait as you cannot use the normal official Firefox updates. In general, you are always behind the official versions.

In FrontMotion Firefox you can disable the default browser check at browser start by GPO, but you cannot disable the button in the settings dialogue to manually set the default browser (if in a company IE is main browser and Firefox is additional browser, this is something you cannot manage successfully then). (At least, I do not know how to achieve this.)

Some users ask at our support why we have a Firefox nightly release, this is not only the blue icon (which I like), but what is displayed in about dialogue.

Our Dell Optiplex systems with Intel graphics made Firefox crash regularly with Firefox 32 which was not the case with Firefox 25 (we did not use the versions in between). This was related to hardware acceleration that we needed to disable by GPO (not a Frontmotion problem, but Firefox in general). Now with Firefox 37 (again skipped some versions), the fonts look blurry with disabled hardware acceleration... And with Firefox the UI gets changing quite often which is not liked by every IT support (might be true for Chrome, too).

From time to time there is a new problem with FrontMotion Firefox (due to the Frontmotion adjustments), so testing is essential before deployment (a GPO setting suddenly does not work anymore, an updater.exe gives false positives with Antivirus detection, ... -- just look into the forum). I personally have no problem with that, but I guess that you have a little bit more own work if you decide to use Firefox in your corporate environment.

I like Firefox best, and I like Frontmotion Firefox, and we use it in our environment, but I just want to add that not everything is as professional (in admin terms for corporations) as with IE or Chrome (both with own disadvantages as well). And you do not know how long Frontmotion Firefox will be offered, there is no guarantee, so you must expect to change to another browser (or another Firefox solution) in the future if this service someday might be stopped.

But most of the times, a new Frontmotion Firefox version can be deployed quite easily.

You should tell your corporate IT that Chrome is also open source, and definitely isn't supported like the other browsers.

Chrome is designed to work with Google websites. That's it. Compatibility with any other company's websites are incidental. Chrome breaks websites far more often than Firefox. I have to support both (courtesy of Chromebooks). It's an absolute nightmare to keep Chrome happy. Google's documentation is sparse and regularly contradictory, when you contact Google for help they're even more confused than you are.

If your corporate IT wants to maintain all their websites on the same release cycle as Google, hey, more power to them, but I think their money would be better spent on other things. They'll need to regularly test the beta and dev branches of Chrome against their websites and make adjustments as needed so that future releases of Chrome won't break them. If they don't then they're just playing russian roulette with all the systems they administer. Eventually the gun's going to go off... and then they'll demand that nobody use anything except IE, which is probably their ultimate goal. To go back to Firefox at that point would be admitting they made a mistake...

Victory! They have decided to "investigate further" before uninstalling FireFox. Given the amount of pushback this forum enabled, I don't expect this subject to come up again anytime soon. Thanks to all for your help.

Google Chrome is based on the Chromium open source project. The lion's share of what makes Chrome Chrome comes from Chromium, they just add some closed-source undocumented components (some of which are amusingly referred to in some circles as the "botnet", since they make Chrome send data to Google's servers) to a Chromium release to create a Chrome release.

It's always good news when IT listens to their users. Bad things happen when they don't.

I'm an IT analyst and we've gone through the alternate browser argument and actually settled on FrontMotion because it was easier to harden than the standard Mozilla install.

Amen on the undocumented source code. Chrome has been known to be notoriously slow, buggy even on the first "stable" releases, and creates unwanted web traffic (which is a bear if your site web filters) because it also installs a Google update service to go out and check for updates periodically (God forbid you actually want to test updates before your users get them).

Also, Flash Player updates are automatically included in Chrome updates, so if you have an issue with Flash (that's an oxymoron), then your Chrome browser is hosed.

To MonkeyBoy's point, Chrome is just as much "open source" as Firefox. For example, Mozilla came out with an extension for disable SSL 3.0 for POODLE pretty quickly while they were testing updates to Firefox 34, to be proactive. Google's response was to launch Firefox with a --ssl-version-min=tls1 switch, tell people to update their servers, and then released a true fix in Chrome 40.

They should just do a security analysis on the pros and cons and come up with strategies to harden the browsers via GPOs and call it a day.

Good news for companies regarding self signed certificates. After several years of blocking the request to accept SSL certificates in Windows store, now a solution is coming. Firefox 49 will support Windows root certificates, here is the bugzilla thread:https://bugzilla.mozilla.org/show_bug.cgi?id=1265113

Firefox will read the certs from specific Windows store where companies deploy them using GPO and keeps them in memory. So they will not be imported to Firefox database. When Firefox closes, it is the same as before. Every time, Firefox starts, this happens again.
From my perspective, a very elegant and good solution.

I switched to Beta channel to get FF 49 beta, and I was able to test it in corporate environment. Before, when visiting an intranet site with https, Firefox displayed a certificate warning and users had to accept and import the certificate on their own, every time the cert gets updated. With FF 49 beta, the intranet sites get shown directly with the green trusted lock symbol, the certificate was read and used from Windows store.

In about:config (or for Frontmotion Firefox CE via GPO), the setting security.enterprise_roots.enabled must be True (boolean). I assume that this will not be the default value, so you need to set this option, but this is easy (as Firefox CE admx files did not get an update for a long time, you can edit the file with an text editor and just add it, I did this with other settings without a problem).

While I think it's great that they're trying. I just don't see it helping gain anything at this point. Too many people have moved onto Chrome or just stick with IE due to ease of using GPO. I know that I am one of the few at work that use Firefox and I'm the IT guy. I've gotten SSL certs to work using certutil, but it's doesn't work on first login, only after. It annoying and cumbersome. If they should make it the default at least.